The main job of a Digital Forensics Specialist is to perform recovery and investigation of material found in digital devices. The Digital Forensics Specialist has a technical background and has to be able to apply knowledge of computer forensic principles in the identification and collection of digital evidence.

  • Basics of File System & Data Storage
  • Characteristics of Digital Evidence
  • Digital forensics process – secure, search, identify, preview, acquire, authenticate, analyze, document
  •  Preparation of toolkit before going to Scene of Crime
  • SOP for searching, identifying, authentication and acquisition of digital evidences from Scene of Crime
  • Usage of Write Blocker, Hashing, Imaging, Cloning, wiping Triaging and Live Forensics
  • Collecting artefacts from the OS (Win, Linux, MAC)
  • Mobile Phone acquisition
  • Browser, DVR forensics
  • Handling protected systems such as password, encrypted systems
  • Secure packaging and transportation of evidences
  • Image Analysis tools
  • Documentation for drafting FIR, Seizure Memo, Chain of Custody Forms, 65B Certificates, Preparing forwarding note to charge sheet

Estimated Effort: 40

Advanced Digital Forensics


  • Understanding hexadecimal view of storage device and analyzing it
  • Windows, Linux and Mac forensics
  • Forensics of a virtual machine
  • Registry analysis and event log analysis of windows os
  • Forensic image analysis
  • Techniques of data carving
  • DVR forensics
  • Collecting cloud artefacts from a disk
  • Collecting artefacts of TOR from disk
  • IOT forensics
  • Malware and Network Forensics
  • Mobile Forensics and CDR

Estimated Effort: 50